Paper Title
Network Intrusion Node Clone Detection In Virtual Network Systems

Abstract
This is because cloud users may install in danger applications on their virtual equipment. To prevent vulnerable virtual machines from being compromise in the cloud, a multi-phase scattered vulnerability exposure, measurement, and counter measure selection mechanism called NICE, which is built on attack graph based analytical models and reconfigurable virtual network-based counter measures. The proposed framework leverages Open Flow network programming APIs to build monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and mitigate attack consequences. The system and security evaluations exhibit the efficiency and effectiveness of the proposed Solution. In this paper, we propose two novel node clone detection protocols with different tradeoffs on network conditions and performance. The first one is based on a distributed hash table (DHT), by which a fully decentralized, key-based caching and checking system is raise to catch cloned nodes effectively. The protocol performance on efficient storage consumption and high security level is theoretically deducted through a probability model, and the resulting equations, with necessary adjustments for real application, are supported by the simulations. Although the DHT-based protocol incurs similar communication cost as preceding approaches, it may be considered a little high for some scenarios. To address this concern, our second distributed detection protocol, named randomly directed exploration, presents good communication performance for dense sensor networks, by a probabilistic directed forwarding technique along with random initial direction and border determination. The simulation results uphold the protocol design and show its efficiency on communication overhead and satisfactory detection probability.